From 4e4da828b579a8dd1847ddc907566ad769122e18 Mon Sep 17 00:00:00 2001 From: Christine Dodrill Date: Fri, 28 Apr 2017 20:08:11 -0700 Subject: [PATCH] server: fix build --- gopreload.go => cmd/routed/gopreload.go | 0 gops.go => cmd/routed/gops.go | 0 main.go => cmd/routed/main.go | 0 server/common.go | 2 +- server/route.go | 48 +++++++++++++++++-------- server/server.go | 18 ++++++++-- server/token.go | 6 ++-- 7 files changed, 53 insertions(+), 21 deletions(-) rename gopreload.go => cmd/routed/gopreload.go (100%) rename gops.go => cmd/routed/gops.go (100%) rename main.go => cmd/routed/main.go (100%) diff --git a/gopreload.go b/cmd/routed/gopreload.go similarity index 100% rename from gopreload.go rename to cmd/routed/gopreload.go diff --git a/gops.go b/cmd/routed/gops.go similarity index 100% rename from gops.go rename to cmd/routed/gops.go diff --git a/main.go b/cmd/routed/main.go similarity index 100% rename from main.go rename to cmd/routed/main.go diff --git a/server/common.go b/server/common.go index 7865e68..5346242 100644 --- a/server/common.go +++ b/server/common.go @@ -21,7 +21,7 @@ func (s *Server) getAuth(ctx context.Context, scope string) (database.Token, err md, ok := metadata.FromContext(ctx) if !ok { - return "", grpc.Errorf(codes.Unauthenticated, "valid token required.") + return database.Token{}, grpc.Errorf(codes.Unauthenticated, "valid token required.") } jwtToken, ok := md["authorization"] diff --git a/server/route.go b/server/route.go index e1eeb9c..2b5a75e 100644 --- a/server/route.go +++ b/server/route.go @@ -3,7 +3,6 @@ package server import ( proto "git.xeserv.us/xena/route/proto" "github.com/Xe/ln" - "github.com/pkg/errors" "golang.org/x/net/context" ) 
@@ -17,16 +16,13 @@ var ( _ proto.RoutesServer = &Route{} ) -// errors -var () - -// generic error message -const ( - errorMsg = "internal service error, verify your parameters and try again later" -) - // Get fetches a route from the database. func (r *Route) Get(ctx context.Context, req *proto.GetRouteRequest) (*proto.Route, error) { + clitok, err := r.getAuth(ctx, "route:get") + if err != nil { + return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Get_getAuth"}) + } + val, err := r.db.GetRoute(ctx, req.Host) if err != nil { ln.Error(err, ln.F{"action": "Route.Get"}) @@ -34,12 +30,21 @@ func (r *Route) Get(ctx context.Context, req *proto.GetRouteRequest) (*proto.Rou return nil, err } + if val.Creator != clitok.Owner { + return nil, handleError(ctx, clitok, ErrNotAuthorized, ln.F{"action": "Route.Get_wrong_ownership"}) + } + return val.AsProto(), nil } // GetAll fetches all of the routes that you own. func (r *Route) GetAll(ctx context.Context, req *proto.Nil) (*proto.GetAllRoutesResponse, error) { - routes, err := r.db.GetAllRoutes() + clitok, err := r.getAuth(ctx, "route:getall") + if err != nil { + return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.GetAll_getAuth"}) + } + + routes, err := r.db.GetAllRoutes(ctx, clitok.Owner) if err != nil { ln.Error(err, ln.F{"action": "Route.GetAll"}) @@ -59,6 +64,11 @@ func (r *Route) GetAll(ctx context.Context, req *proto.Nil) (*proto.GetAllRoutes } func (r *Route) Put(ctx context.Context, rt *proto.Route) (*proto.IDResponse, error) { + clitok, err := r.getAuth(ctx, "route:put") + if err != nil { + return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Put_getAuth"}) + } + drt, err := r.db.PutRoute(ctx, rt.Host, "http") if err != nil { ln.Error(err, ln.F{"action": "Route.Put"}) 
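Review bot: In `Route.Get` (hunk -34,12) the lookup failure just above the new ownership check still does `return nil, err`, while the ownership failure goes through `handleError(..., ErrNotAuthorized, ...)`. A caller holding any valid `route:get` token can therefore probably tell "host is not registered" apart from "host belongs to someone else" and use that to enumerate registered hosts; what `handleError` sends back is not visible here, so confirm. I would send both cases through the same path with the same client-facing error, e.g. `return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Get"})` for the lookup branch, and keep the detailed cause in the server log only. The same raw `return nil, err` after a storage failure appears in the context lines of `GetAll`, `Put` and `Delete`.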
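Review bot: In `Route.Put` (hunk -59,6) the added `getAuth` call only gates the request; the unchanged `r.db.PutRoute(ctx, rt.Host, "http")` is not given `clitok.Owner`. Unless `PutRoute` takes the creator from `ctx` (not shown), the new route is not tied to the caller, and the `Creator != clitok.Owner` checks this commit adds to `Get` and `Delete` depend on that field being set correctly. Nothing in the hunk checks whether `rt.Host` is already registered to a different owner before writing, so confirm the storage layer rejects that case. `Put` also has no doc comment, unlike `Get` and `GetAll`; something like `// Put registers rt.Host as a route owned by the authenticated token's owner.` would state the intended contract.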
@@ -68,10 +78,15 @@ func (r *Route) Put(ctx context.Context, rt *proto.Route) (*proto.IDResponse, er return &proto.IDResponse{ Id: drt.ID, - } + }, nil } func (r *Route) Delete(ctx context.Context, rt *proto.Route) (*proto.IDResponse, error) { + clitok, err := r.getAuth(ctx, "route:delete") + if err != nil { + return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Delete_getAuth"}) + } + drt, err := r.db.GetRoute(ctx, rt.Host) if err != nil { ln.Error(err, ln.F{"action": "Route.Delete_getRoute_verify"}) @@ -79,13 +94,18 @@ func (r *Route) Delete(ctx context.Context, rt *proto.Route) (*proto.IDResponse, return nil, err } - err := r.db.DeleteRoute(ctx, rt.Id) + if drt.Creator != clitok.Owner { + return nil, handleError(ctx, clitok, ErrNotAuthorized, ln.F{"action": "Route.Delete_not_authorized"}) + } + + err = r.db.DeleteRoute(ctx, rt.Id) f := drt.F() f["action"] = "Route.Delete_db.DeleteRoute" if err != nil { - ln.Error(err, f) - return nil, err + handleError(ctx, clitok, ErrNotAuthorized, f) } + ln.Log(f, drt.F()) + return &proto.IDResponse{Id: rt.Id}, nil } diff --git a/server/server.go b/server/server.go index bf28864..55dafb6 100644 --- a/server/server.go +++ b/server/server.go @@ -10,8 +10,10 @@ import ( "git.xeserv.us/xena/route/database" "git.xeserv.us/xena/route/lib/tun2" + proto "git.xeserv.us/xena/route/proto" "github.com/mtneug/pkg/ulid" "golang.org/x/crypto/acme/autocert" + "google.golang.org/grpc" ) // RPC constants @@ -25,7 +27,7 @@ type Server struct { db database.Storage ts *tun2.Server - autocert.Manager + *autocert.Manager } // Config configures Server @@ -54,7 +56,7 @@ func New(cfg Config) (*Server, error) { return nil, err } - m := autocert.Manager{ + m := &autocert.Manager{ Prompt: autocert.AcceptTOS, Cache: database.Cache(db), HostPolicy: nil, 
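Review bot: `Route.Delete` (hunk -79,13) checks ownership on the route looked up by `rt.Host` but then deletes by `rt.Id`, and both fields come from the client. A caller who owns one host can pair it with the id of another route and delete a record the ownership check never looked at. Delete the record that was actually checked, `err = r.db.DeleteRoute(ctx, drt.ID)`, and return that id in the `IDResponse`. In the same hunk the failure branch calls `handleError(ctx, clitok, ErrNotAuthorized, f)` and drops the result, so a failed delete is recorded as an authorization error and the client still gets a success response; it should be `return nil, handleError(ctx, clitok, err, f)`. `ln.Log(f, drt.F())` also passes the same fields twice, since `f` was built from `drt.F()`.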
@@ -87,6 +89,18 @@ func New(cfg Config) (*Server, error) { s.ts = ts go ts.ListenAndServe() + var gs *grpc.Server + + proto.RegisterRoutesServer(gs, &Route{Server: s}) + proto.RegisterTokensServer(gs, &Token{Server: s}) + + l, err := net.Listen("tcp", cfg.GRPCAddr) + if err != nil { + return nil, err + } + + go gs.Serve(l) + return s, nil } diff --git a/server/token.go b/server/token.go index 08d2066..8d42b41 100644 --- a/server/token.go +++ b/server/token.go @@ -1,12 +1,10 @@ package server import ( - "context" - + proto "git.xeserv.us/xena/route/proto" "github.com/Xe/ln" "github.com/Xe/uuid" - - proto "git.xeserv.us/xena/route/proto" + "golang.org/x/net/context" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" )
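Review bot: `var gs *grpc.Server` in `New` (hunk -87,6) leaves `gs` nil, so `proto.RegisterRoutesServer(gs, ...)` is expected to panic on a nil server as soon as `New` runs; it needs `gs := grpc.NewServer()`. No transport credentials are configured in this hunk, so the bearer token that `getAuth` reads from the `authorization` metadata would cross the `cfg.GRPCAddr` listener in cleartext. If that port is reachable off-host, build the server with TLS, for example `grpc.NewServer(grpc.Creds(credentials.NewTLS(&tls.Config{GetCertificate: m.GetCertificate})))`, or with another certificate source. `go gs.Serve(l)` discards the returned error, so a dead API listener goes unnoticed; log the error inside the goroutine. The body of `New` starts outside this hunk.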